Wat are these...Superviser.exe and Death.exe...??!!!

[oc9ine]

Hi,

My Windows xp pc has been infected Superviser.exe and Death.exe but I really
am not able to get rid of them. I have physically deleted these files, used
Spybot search and destroy, nod32 antivirus but they dont go away, Whenever I
try install any software these exe files crop up out of now where and my pc
slows down.

Plz help me in this regard.

Waiting in positive anticipation.

Oc9ine.

 

[Lanwench [MVP - Exchange]]

In

Hi,

My Windows xp pc has been infected Superviser.exe and Death.exe but I
really am not able to get rid of them. I have physically deleted
these files, used Spybot search and destroy, nod32 antivirus but they
dont go away, Whenever I try install any software these exe files
crop up out of now where and my pc slows down.

Plz help me in this regard.

Waiting in positive anticipation.

Oc9ine.

Google is your friend.
See http://www.sophos.com/security/analyses/trojdelfdzx.html and
http://www.bleepingcomputer.com/startups/Supervisor.exe-5271.html , for
starters.

I'd first check out David Lipman's Multi-AV:
http://www.ik-cs.com/v2/multi-av.htm
and http://www.ik-cs.com/programs/virtools/Multi_AV.exe to download it.

You'll want to download & update this stuff on a non-infected
computer....and then use a USB memory stick or similar to get it onto the
infected one. Run the scans in safe mode.

Also see http://www.elephantboycomputers.com/page2.html#Removing_Malware

Note that a better group for this sort of question is
microsoft.public.security.homeusers (and m.p.security.virus - you can
crosspost a single message to both at once if you wish).

 

[Guest]

Hi,

My Windows xp pc has been infected Superviser.exe and Death.exe but I really
am not able to get rid of them. I have physically deleted these files, used
Spybot search and destroy, nod32 antivirus but they dont go away, Whenever I
try install any software these exe files crop up out of now where and my pc
slows down.

Plz help me in this regard.

Waiting in positive anticipation.

Oc9ine.

Hi,
You got the Super doper <G> the Trojan port list =( Lamers Death 2.x), try
to locate the running process for that beast and kill it here is how:
Click ALT + DELT + CTRL and Kill the processes mentioned.
Locate these EXE in the windows Explorer in these paths:

C:\WINDOWS\SYSTEM32\Supervise.exe = Delete

C:\WINDOWS\SYSTEM32\Death.exe. = Delete
C:\sample1L1.exe Delete.

Open a Run command and type in :
regedit.exe click [OK] and on the Registry Editor ;locate these Keys and
remove the process.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Supervise.exe
&ltSystem>\Supervise.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Death.exe
&ltSystem>\Death.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL
CheckedValue
0

Run an online scan from here:
http://www.sophos.com
http://www.pandasecurity.com
http://www.trendmicro.com

and for malwares:
http://www.safer-networking.org

If you can't perform the above in Normal mode try safe Mode (best to do in
Both).

HTH.
Let us know.
Regs,
nass